Businesses

Google CEO Tells Employees Productivity and Focus Must Improve (cnbc.com) 167

Google is launching a new effort called "Simplicity Sprint" in an effort to improve efficiency and improve employee focus during an uncertain economic environment. From a report: The Alphabet company had its regular all-hands meeting last Wednesday, and the tone was somewhat urgent as employees expressed concern over layoffs and CEO Sundar Pichai asked employees for input, according to attendees and related internal documentation viewed by CNBC. Google's productivity as a company isn't where it needs to be even with the head count it has, Pichai told employees in the meeting. "I wanted to give some additional context following our earnings results, and ask for your help as well," Pichai opened, referring to the company's second-quarter earnings report Tuesday. "It's clear we are facing a challenging macro environment with more uncertainty ahead." He added, "There are real concerns that our productivity as a whole is not where it needs to be for the head count we have." He asked employees to help "create a culture that is more mission-focused, more focused on our products, more customer focused. We should think about how we can minimize distractions and really raise the bar on both product excellence and productivity."

Businesses

Leaked Amazon Memo Reveals Anti-Union PR Idea: Score Points by Hiring Former Inmates (vox.com) 89

Someone leaked an internal Amazon memo to Vox's Recode. The May 2021 memo "offers rare insights into the anti-union strategies of one of the world's most powerful companies," Recode writes: The memo laid out two crucial goals for Amazon: establish and deepen "relationships with key policymakers and community stakeholders" and improve "Amazon's overall brand...." To achieve these goals, the memo proposed strategies to help Amazon boost its reputation and simultaneously "neutralize" company critics by befriending these critics' own allies and by launching feel-good initiatives to turn the media and local politicians into company boosters....

Amazon staff acknowledged in the memo that the Teamsters' "economic argument is ... currently stronger," with union truck drivers, warehouse workers, and grocery store staff earning better or equal compensation packages as Amazon employees in the Southern California region the memo focused on. (A few months later, in September 2021, Amazon announced it had raised its average starting wage for front-line workers to $18 an hour, though many workers make less than that....) Amazon shrewdly planned to "intentionally seek partnerships with some organizations that work closely with our opposition." Those included organizations dedicated to helping incarcerated people find stable work upon reentry into society, such as the Anti-Recidivism Coalition, Homeboy Industries, and Defy Ventures, all named in the memo....

Taken together, these proposals are an unsurprising but stark reminder that, as is the case with many corporations, Amazon's public-facing actions are overwhelmingly in service of promoting or protecting the company, often in reaction to critics demanding that the company improve its labor practices. The billboards and TV commercials selling the narrative of Amazon as a great place to work, and the PR-friendly community partnerships in towns across the country where Amazon wants to set up shop, are developed for these reasons. Altruism this is not....

Overall, the memo highlights the extent to which union-led criticisms are creating sizable obstacles to Amazon's growth plans in its most crucial US market. But they also serve as a clear reminder that the company possesses vast resources to combat critics, and cunning strategies to portray reputation makeovers as corporate benevolence.

Intel

Intel Lost Nearly $500 Million In Brutal Second Quarter (gizmodo.com) 79

An anonymous reader quotes a report from Gizmodo: Intel could really use a few bucks from the recently passed (by Congress, at least) $280 billion CHIPS and Science Act. The U.S. chipmaker shocked investors on Thursday, revealing it lost nearly $500 million in Q2, its first quarterly loss in years. The company cited weakened demand for PC components and downturns in the broader economy as the main culprits for the declines. Overall, Intel's revenues were down 22% year over year. Those results have forced Intel to lower its expected yearly revenues down from $68 billion to $65 billion. Yikes.

Intel CEO Pat Gelsinger said the results were "disappointing." "This quarter's results were below the standards we have set for the company and our shareholders," Gelsinger said. "We must and will do better. The sudden and rapid decline in economic activity was the largest driver, but the shortfall also reflects our own execution issues." He continued. "We are being responsive to changing business conditions, working closely with our customers while remaining laser-focused on our strategy and long-term opportunities. We are embracing this challenging environment to accelerate our transformation." In his prepared statements, Chief Financial Officer David Zinsner elaborated on the declines, saying a worse than expected covid-19 related downturn was partly responsible for declining consumer demand. On the economic side, Zinsner said a combination of rising inflation, higher interest rates, and downstream effects from the war in Ukraine hit the company particularly hard. "Due to the difficult macroeconomic environment together with our own execution challenges, our results for the quarter were well below expectations and necessitate a significant revision to our full-year financial guidance," Zinsner said.

Now, Intel says it's planning to pass on some of that inflationary pricing to consumers. In statements first spotted by PC World, Zinsner reportedly confirmed the company's getting ready to hike prices for components, so you might want to buy any new Intel chips before the fourth quarter. While Zinsner didn't say how much prices will rise by, previous reports claim the company's considering increases of up to 20% for certain processors. "You know we can absorb a lot of inflationary impacts that others can't," Zinsner said, according to PC World. "But at this point now that some of the price increases, inflationary increases, have turned out to be more permanent, where there's a certain amount that we do need to pass on to the customers."

"As we look beyond the near term, the semiconductor industry continues to be at the beginning of a new structural growth phase driven by four superpowers: ubiquitous compute, pervasive connectivity, cloud-to-edge infrastructure and AI," added Gelsinger. "What remains very clear, even during this period of uncertainty, is the growing importance of silicon to the global economy and to each of our daily lives."

Transportation

Spotify Has Stopped Making Its Car Thing Dashboard Accessory (theverge.com) 23

Spotify has stopped manufacturing Car Thing, a dashboard accessory designed to make it easier to control the streaming service on your phone from a car. From a report: The change was quietly announced as part of the company's latest earnings release, which notes the decision cost the company $32 million. "Reported Gross Margin was negatively impacted by our decision to stop manufacturing Car Thing," the release reads. "Based on several factors, including product demand and supply chain issues, we have decided to stop further production of Car Thing units," a spokesperson for the company told TechCrunch. "Existing devices will perform as intended. This initiative has unlocked helpful learnings, and we remain focused on the car as an important place for audio."

Games

Grand Theft Auto VI Will Have Female Main Character, New Map Focused on Fictionalized Miami (bloomberg.com) 148

An anonymous reader shares a report: After a public controversy four years ago, Rockstar, the maker of Grand Theft Auto, is reinventing itself as a kinder, gentler company. But employees aren't sure it can still produce the chart-topping caliber of game the studio has become known for. The development of Grand Theft Auto VI has been slower than impatient fans and even longtime employees have expected, despite morale across the company being higher than ever, according to many staffers. Between the company's new direction and the 2019 departure of Dan Houser, who led creative direction on many previous games, all indications suggest Grand Theft Auto VI will feel very different than its predecessor.

The game will feature a playable female protagonist for the first time, according to people familiar with the matter. [...] Industry analysts anticipate that the next Grand Theft Auto will be out sometime in Take-Two's 2024 fiscal year, which runs from April 2023 through March 2024, but developers are skeptical. The game has been in development in some form since 2014. Although there are loose schedules in place, people interviewed for this article said they didn't know of any firm release date and that they expect the game to be at least two years away. [...] The game's new map is now focused on a fictional version of Miami and its surrounding areas. Rockstar's plan is to continually update the game over time, adding new missions and cities on a regular basis, which leadership hopes will lead to less crunch during the game's final months.

Space

'We Still Need Hubble': Why NASA's Revolutionary Space Telescope Isn't Dead Yet (cnet.com) 41

CNET spoke to the systems and deputy program manager for the Hubble Space Telescope at Lockheed Martin, who remembers the first 1995 "deep field" image from the Hubble Space Telescope — taken over 10 days and revealing 3,000 galaxies. But he also remembers just how revolutionary it was. "To look at a 'dark' sliver of the sky and see so many stars and galaxies really drives home how much we still have to learn about the universe."

Looking back, that was only from 340 miles above our atmosphere — not the million miles from Earth travelled by the Webb Space Telescope (which also scours the universe "for cosmic bits emanating luminescence elusive to human eyes, otherwise known as infrared light.")

Yet while this has been a glorious month for astronomy, "We will absolutely still need Hubble," said Cornell University astronomer Nikole Lewis. "In fact, I'm in the process of trying to put together a budget for a large treasury program on Hubble." Lewis is after something Hubble has but JWST lacks. She studies exoplanets and intends to use visible and ultraviolet light wavelengths to decode clouds and hazes of foreign worlds — the type of light JWST isn't sensitive to. "There's a lot of important information at those wavelengths."

Despite JWST's clout, Hubble is also still the top candidate for scrutinizing galaxies moving along the X or Y axis, rather than the Z axis. "While galactic motion 'toward' and 'away' from Earth is very easy to measure with redshift," a JWST specialty, "'side to side' motion is harder," Caplan said.

In truth, this unique Hubble power turns out to be how we realized a pretty massive detail about galaxies. Many of them are on a crash course right now. By staring at Andromeda over the years — the galaxy that Hubble's namesake used as evidence in 1923 to prove our universe extends beyond the Milky Way — and measuring how its light on individual pixels transferred from one to the next, JWST's predecessor showed us that this galaxy isn't just orbiting ours. "They really will collide," Caplan explained. Would JWST have caught that?

Nonetheless, all of this is to say that as JWST continues to flood the internet with colorful depictions of space's outer reaches, we should remember that it isn't Hubble's replacement. JWST is its successor. It'll work in tandem with Hubble and wouldn't exist in a world without it.... And though the James Webb Space Telescope's story began with a bang, we ought not to let Hubble's end with a whimper. "They're not shutting Hubble down," said Dave Meyer, a Northwestern University professor focused on Hubble discoveries.

"We still think that's about a decade away."

And that systems and deputy program manager for the Hubble Space Telescope at Lockheed Martin also shared another part of its legacy: inspiring the next generation of astronomers. "I grew up being fascinated by the Shuttle program and was mesmerized watching the astronauts service Hubble.

"That was definitely part of my inspiration to become an aerospace engineer."

Android

Google Play Store Is Bringing Back the App Permissions List (9to5google.com) 11

An anonymous reader quotes a report from 9to5Google: With the addition of the developer-generated Data safety section this year, Google Play removed the old list of app permissions. The Play Store is now reversing this decision in response to user feedback and will have both coexist. In a short thread this morning, Android Developers (@AndroidDev) on Twitter said it "heard your feedback that you find the app permissions section in Google Play useful, and we've decided to reinstate it." It will be "back shortly," but the company did not specify if this will be done through a server-side change or whether a new version of the Play Store app is required: "The Data safety section provides users with a simplified view of how an app collects, shares, & secures user data, but we also want to make app permissions information easily viewable for users to understand an app's ability to access specific restricted data & actions too."

As Google summarizes, the Play permissions list is "based on the install-time permissions that an app declares in its manifest," and "represents an app's ability to access specific data." Data safety is focused on what an app collects and shares with third parties, similar to Apple's App Store. As of July 20, Google is directly warning "non-compliant new app submissions and app updates" that don't completely fill out the Data safety form. Developers have until August 22 to comply or they won't be able to publish new apps or updates. After that, applications might be removed from the Play Store.

United States

FCC Orders Top Carriers To Explain How They Use and Share Phone Location Data (arstechnica.com) 17

An anonymous reader quotes a report from Ars Technica: Federal Communications Commission Chairwoman Jessica Rosenworcel has ordered mobile carriers to explain what geolocation data they collect from customers and how they use it. Rosenworcel's probe could be the first step toward stronger action -- but the agency's authority in this area is in peril because Congress is debating a data privacy law that could preempt the FCC from regulating carriers' privacy practices.

Rosenworcel sent letters of inquiry Tuesday "to the top 15 mobile providers," the FCC announced. The chairwoman's letters asked carriers "about their policies around geolocation data, such as how long geolocation data is retained and why and what the current safeguards are to protect this sensitive information," the FCC said. The letters also "probe carriers about their processes for sharing subscriber geolocation data with law enforcement and other third parties' data-sharing agreements. Finally, the letters ask whether and how consumers are notified when their geolocation information is shared with third parties," the FCC said. "Mobile Internet service providers are uniquely situated to capture a trove of data about their own subscribers, including the subscriber's actual identity and personal characteristics, geolocation data, app usage, and web browsing data and habits," the letters say. Under US communications law, carriers are prohibited from using or sharing private information except under specific circumstances. Rosenworcel told carriers to answer the questions by August 3.

[...] Among other things, Rosenworcel's letters ask carriers to describe in detail the geolocation data they collect and retain from customers, to explain why such data is retained for current and former subscribers, how long the data is retained for, a description of safeguards used to protect the data, and what country or countries the geolocation data is stored in. The letters also ask for details regarding how data retention policies are disclosed to subscribers, data deletion policies, and whether subscribers can opt out of data retention. A second list of questions focused on data sharing asks for each carrier's "process and policies for sharing subscriber geolocation data with law enforcement;" for descriptions of "the arrangements, agreements, and circumstances in which [the carrier] shares subscriber geolocation data with third parties that are not law enforcement;" and whether subscribers are "notified of the sharing of their geolocation information with third parties that are not law enforcement." The data-sharing section also probes whether the carriers let customers opt out of programs that share data with third parties. Because geolocation data is highly sensitive and can be combined with other types of data, "the ways in which this data is stored and shared with third parties is of utmost importance to consumer safety and privacy," Rosenworcel told carriers in the letters.

Further reading: Homeland Security Records Show 'Shocking' Use of Phone Data, ACLU Says

Bitcoin

SEC Working To Register Crypto Lending Firms (reuters.com) 24

The U.S. Securities and Exchange Commission (SEC) is working to get some cryptolending companies properly registered if they operate more as investment firms, the head of the Wall Street regulator told CNBC in an interview on Thursday. From a report: SEC Chair Gary Gensler also said it was up to large financial institutions to decide whether they want to include crypto options in their portfolios for clients, but that the risks of crypto tokens need to be made public.

"We have focused on this area because many of these firms...may well be investment companies taking hundreds of thousands or millions of customers funds, pulling it together, and then relending it while offering pretty high returns. Sounds a little like an investment company, or a bank, you might say," Gensler said. "How are they doing that? What stands behind those promises? We're going to work with the industry to get these firms properly registered under the securities laws."

United States

Stablecoins Face US Scrutiny as House Lawmakers Craft Rules (bloomberg.com) 39

US lawmakers' efforts to police stablecoins are gaining steam, with a key House committee preparing to consider a plan for imposing new rules as soon as next week. From a report: Leaders of the House Financial Services Committee are eyeing July 27 to advance a bipartisan bill focused on the digital tokens, according to three people with knowledge of the proposal who asked not to be named discussing the panel's plans. Maxine Waters, a California Democrat, and Patrick McHenry, a Republican from North Carolina, have said they're working together to create guardrails for stablecoins, crypto assets that are typically designed to be pegged to the US dollar or other traditional currencies. The current draft of the bill would mandate that stablecoin issuers maintain 100% reserves and bar them from lending stablecoins to customers, according to multiple people with knowledge of the bill text. Stablecoins would be known as "payment stablecoins" under the legislation, and bank and non-bank issuers would operate under the same regulations. The Federal Reserve would license any non-bank stablecoin issuers and would be responsible for monitoring those firms' financial health, according to the people.

United States

Biden Administration Pushes To Close the Growing Cybersecurity Workforce Gap (cnn.com) 104

The Biden administration is pushing to fill hundreds of thousands of cybersecurity jobs in the United States as part of a bid to close a talent shortage US officials describe as both a national security challenge and an economic opportunity. From a report: On Tuesday, the administration announced a multi-agency plan to create hundreds of registered apprenticeship programs with the private sector to flesh out the nation's cybersecurity workforce -- and defend against a rising tide of data breaches, ransomware attacks and other hacking incidents. In a 120-day sprint, the US government will work with employers to establish apprenticeship programs in the cybersecurity industry, said Labor Secretary Marty Walsh, vowing to launch the joint program with the Department of Commerce "in as little as 48 hours."

The initiative draws funding from a wider $500 million Commerce Department program known as the Good Jobs Challenge, and will particularly focus on recruiting young people, women and minorities to train and work in the cybersecurity field, said Walsh and Commerce Secretary Gina Raimondo at a White House event on Tuesday focused on broader cyber workforce issues. The US government commitment highlights what officials describe as a critical lack of cybersecurity professionals in both government and the private sector who can help protect the nation from foreign adversaries and cybercriminals. Months ago, there were an estimated 500,000 unfilled cybersecurity positions in the United States, Raimondo said, but today that figure has exploded to more than 700,000, a 40% increase.

Science

US Researchers 'Hack' Fly Brains and Control Them Remotely (interestingengineering.com) 39

An anonymous reader quotes a report from Interesting Engineering: A research team consisting of scientists from some of the top institutes in the U.S. has demonstrated a wireless technology that allows neurons in a fly brain to be controlled in less than a second, an institutional press release said. [...] Called Magnetic, Optical, Acoustic Neural Access (MOANA), the program aims to develop a wireless headset that can facilitate brain-to-brain communication in a nonsurgical manner. Jacob Robinson, an associate professor at Rice University, is among the researchers working on the project, and his team has developed a method to hack fly brains wirelessly.

The research team used genetic engineering to express a special ion channel in flies' neuronal cells, which can be activated using heat. When the ion channel is activated, the flies spread out their wings, as they would do as part of their mating gesture. To activate the channel at will, the researchers then injected the experimental flies with nanoparticles that could be heated by applying a magnetic field. The genetically modified flies were then introduced into an enclosure that had an electromagnet on top and a camera to capture the movements of the flies. When the researchers activated the electromagnet, the electric field heated the nanoparticles, which activated the neurons, resulting in the flies spreading their wings, as seen in the short video [here]. Analyzing the video from the experiments, the researchers also found that the time lapse between the activation of the electromagnet and the spreading of wings was less than half a second.

Robinson is confident that this ability to precisely activate cells will be helpful in studying the brain, developing brain communication technology as well as treating brain-related disorders. The team is focused on developing technology that will help restore vision in people even if their eyes do not work. They aim to achieve this by stimulating parts of the brain that are associated with vision to give a sense of vision in the absence of functional eyes.

The findings have been published in the journal Nature Materials.

Microsoft

Microsoft is Launching a Facebook Rip-off Inside Teams (theverge.com) 112

An anonymous reader shares a report: Exactly 10 years ago today, Microsoft completed its $1.2 billion purchase of Yammer, an enterprise-focused social networking platform. Despite a big Yammer overhaul in 2019, Microsoft has been increasingly focused on Teams and its new Viva platform as the hubs of communication in workplaces. Microsoft is now launching Viva Engage today, a new Facebook-like app inside Teams that encourages social networking at work.

Viva Engage builds on some of the strengths of Yammer, promoting digital communities, conversations, and self-expression in the workplace. While Yammer often feels like an extension of SharePoint and Office, Viva Engage looks like a Facebook replica. It includes a storylines section, which is effectively your Facebook news feed, featuring conversational posts, videos, images, and more. It looks and feels just like Facebook, and it's clearly designed to feel similar so employees will use it to share news or even personal interests.

Chrome

Denmark Bans Chromebooks, Google Workspace In Schools Over Data Transfer Risks (techcrunch.com) 67

Denmark is effectively banning Google's services in schools, after officials in the municipality of Helsingor were last year ordered to carry out a risk assessment around the processing of personal data by Google. TechCrunch reports: In a verdict published last week, Denmark's data protection agency, Datatilsynet, revealed that data processing involving students using Google's cloud-based Workspace software suite -- which includes Gmail, Google Docs, Calendar and Google Drive -- "does not meet the requirements" of the European Union's GDPR data privacy regulations. Specifically, the authority found that the data processor agreement -- or Google's terms and conditions -- seemingly allow for data to be transferred to other countries for the purpose of providing support, even though the data is ordinarily stored in one of Google's EU data centers.

Google's Chromebook laptops, and by extension Google Workspace, are used in schools across Denmark. But Datatilsynet focused specifically on Helsingor for the risk assessment after the municipality reported a "breach of personal data security" back in 2020. While this latest ruling technically only applies to schools in Helsingor for now, Datatilsynet notes that many of the conclusions it has reached will "probably apply to other municipalities" that use Google Chromebooks and Workspace. It added that it expects these other municipalities "to take relevant steps" off the back of the decision it reached in Helsingor. The ban is effective immediately, but Helsingor has until August 3 to delete user data.

A Google spokesperson told TechCrunch in a statement: "We know that students and schools expect the technology they use to be legally compliant, responsible, and safe. That's why for years, Google has invested in privacy best practices and diligent risk assessments, and made our documentation widely available so anyone can see how we help organizations to comply with the GDPR.

Schools own their own data. We only process their data in accordance with our contracts with them. In Workspace for Education, students' data is never used for advertising or other commercial purposes. Independent organizations have audited our services, and we keep our practices under constant review to maintain the highest possible standards of safety and compliance."

Android

Android Removes Much of Fuchsia-Related Code As Starnix Project Progresses (9to5google.com) 10

A big chunk of Fuchsia-related code has been removed from the Android Open Source Project (AOSP) this week, but Google's two operating systems are still set to have an intertwining relationship. In its place, we have a lone "TODO" message, suggesting that Google may be building up something new in its place. The developer responsible for the change primarily works on Fuchsia's "Starnix" project. 9to5Google reports: In its most public form, Google's in-house operating system, Fuchsia, powers two of the company's smart displays, the Nest Hub and Nest Hub Max. But having watched it develop over the last few years, we know that Google has much larger ambitions for the Fuchsia project. Easily the most ambitious of these is a clear intention for some Fuchsia devices to be able to run apps from other operating systems like Android and Linux. This could -- in theory! -- allow a Fuchsia-powered device to seamlessly replace a Chromebook or Android phone, keeping older apps running as normal. [...]

First shared in early 2021 as a proposal, Starnix is designed to make it possible for Fuchsia to "natively" run apps and libraries that were built for Linux or Android. To do this, Starnix would act to translate the low-level kernel instructions from what Linux expects to what Fuchsia's Zircon kernel expects. It's now been over a year since the Starnix proposal was accepted and work began. In that time, the Fuchsia team has made significant progress in making Linux programs capable of running on Fuchsia devices. In fact, a dedicated Starnix shell was briefly available for testing in builds of Fuchsia's "workstation" -- an experience designed to let developers and enthusiasts play with the operating system. Notably, this shell was not simply Linux but actually a "small Android distribution included in the system." More recently, this was replaced with the ability to access Fuchsia and Starnix's Android capabilities through the adb command, just like you would any other Android device. Looking ahead, it seems Fuchsia's Starnix team is focused on steadily making the operating system compatible with Android and its applications. [...]

Displays

New Kind of Laser Uses Tiny Particle Clumps To Generate Light (newscientist.com) 16

A new kind of laser uses tiny moving particles to produce beams of light. The laser is more programmable than standard lasers and the approach could be used to create visual displays that are sharp from all angles. New Scientist reports: Conventional lasers repeatedly bounce light between two mirrors until it becomes bright and focused. Riccardo Sapienza at Imperial College London and his colleagues have built a laser that uses particles that can arrange themselves to carry out a similar process. The new type of laser first requires the use of green light from a traditional laser. The researchers shine this light into a small glass box filled with a liquid solution containing particles of titanium oxide and silicon oxide. This warms up the silicon oxide particles and causes the titanium oxide particles to clump around them.

The green light then bounces between particles in the clump -- similarly to how light bounces between mirrors in conventional lasers -- until the clump itself starts to emit a laser beam, now in the color red. By nudging the particles into different positions with the green light, the team can program the properties of the light emitted by the laser, such as where in the device it originates from and how pure its color is. By comparison, conventional lasers can't be adjusted after manufacturing.

The findings have been published in the journal Nature Physics.

Privacy

A New Attack Can Unmask Anonymous Users On Any Major Browser (wired.com) 58

An anonymous reader quotes a report from Wired: [R]esearchers from the New Jersey Institute of Technology are warning this week about a novel technique attackers could use to de-anonymize website visitors and potentially connect the dots on many components of targets' digital lives. The findings (PDF), which NJIT researchers will present at the Usenix Security Symposium in Boston next month, show how an attacker who tricks someone into loading a malicious website can determine whether that visitor controls a particular public identifier, like an email address or social media account, thus linking the visitor to a piece of potentially personal data.

When you visit a website, the page can capture your IP address, but this doesn't necessarily give the site owner enough information to individually identify you. Instead, the hack analyzes subtle features of a potential target's browser activity to determine whether they are logged into an account for an array of services, from YouTube and Dropbox to Twitter, Facebook, TikTok, and more. Plus the attacks work against every major browser, including the anonymity-focused Tor Browser. "If you're an average internet user, you may not think too much about your privacy when you visit a random website," says Reza Curtmola, one of the study authors and a computer science professor at NJIT. "But there are certain categories of internet users who may be more significantly impacted by this, like people who organize and participate in political protest, journalists, and people who network with fellow members of their minority group. And what makes these types of attacks dangerous is they're very stealthy. You just visit the website and you have no idea that you've been exposed."

How this de-anonymization attack works is difficult to explain but relatively easy to grasp once you have the gist. Someone carrying out the attack needs a few things to get started: a website they control, a list of accounts tied to people they want to identify as having visited that site, and content posted to the platforms of the accounts on their target list that either allows the targeted accounts to view that content or blocks them from viewing it -- the attack works both ways. Next, the attacker embeds the aforementioned content on the malicious website. Then they wait to see who clicks. If anyone on the targeted list visits the site, the attackers will know who they are by analyzing which users can (or cannot) view the embedded content. [...] Complicated as it may sound, the researchers warn that it would be simple to carry out once attackers have done the prep work. It would only take a couple of seconds to potentially unmask each visitor to the malicious site -- and it would be virtually impossible for an unsuspecting user to detect the hack. The researchers developed a browser extension that can thwart such attacks, and it is available for Chrome and Firefox. But they note that it may impact performance and isn't available for all browsers.

The Military

DARPA Is Worried About How Well Open-Source Code Can Be Trusted (technologyreview.com) 85

An anonymous reader quotes a report from MIT Technology Review: "People are realizing now: wait a minute, literally everything we do is underpinned by Linux," says Dave Aitel, a cybersecurity researcher and former NSA computer security scientist. "This is a core technology to our society. Not understanding kernel security means we can't secure critical infrastructure." Now DARPA, the US military's research arm, wants to understand the collision of code and community that makes these open-source projects work, in order to better understand the risks they face. The goal is to be able to effectively recognize malicious actors and prevent them from disrupting or corrupting crucially important open-source code before it's too late. DARPA's "SocialCyber" program is an 18-month-long, multimillion-dollar project that will combine sociology with recent technological advances in artificial intelligence to map, understand, and protect these massive open-source communities and the code they create. It's different from most previous research because it combines automated analysis of both the code and the social dimensions of open-source software.

Here's how the SocialCyber program works. DARPA has contracted with multiple teams of what it calls "performers," including small, boutique cybersecurity research shops with deep technical chops. One such performer is New York-based Margin Research, which has put together a team of well-respected researchers for the task. Margin Research is focused on the Linux kernel in part because it's so big and critical that succeeding here, at this scale, means you can make it anywhere else. The plan is to analyze both the code and the community in order to visualize and finally understand the whole ecosystem.

Margin's work maps out who is working on what specific parts of open-source projects. For example, Huawei is currently the biggest contributor to the Linux kernel. Another contributor works for Positive Technologies, a Russian cybersecurity firm that -- like Huawei -- has been sanctioned by the US government, says Aitel. Margin has also mapped code written by NSA employees, many of whom participate in different open-source projects. "This subject kills me," says d'Antoine of the quest to better understand the open-source movement, "because, honestly, even the most simple things seem so novel to so many important people. The government is only just realizing that our critical infrastructure is running code that could be literally being written by sanctioned entities. Right now." This kind of research also aims to find underinvestment -- that is critical software run entirely by one or two volunteers. It's more common than you might think -- so common that one common way software projects currently measure risk is the "bus factor": Does this whole project fall apart if just one person gets hit by a bus?
SocialCyber will also tackle other open-source projects, such as Python, which is "used in a huge number of artificial-intelligence and machine-learning projects," notes the report. "The hope is that greater understanding will make it easier to prevent a future disaster, whether it's caused by malicious activity or not."
United Kingdom

UK's Online Safety Bill On Pause Pending New PM (techcrunch.com) 24

An anonymous reader quotes a report from TechCrunch: A major populist but controversial piece of U.K. legislation to regulate internet content through a child safety-focused frame is on pause until the fall when the government expects to elect a new prime minister, following the resignation of Boris Johnson as Conservative Party leader last week. PoliticsHome reported yesterday that the Online Safety Bill would be dropped from House of Commons business next week with a view to being returned in the autumn. The Department for Digital, Culture, Media and Sport (DCMS) denied the legislation was being dropped altogether but the fate of the bill will clearly now rest with the new prime minister -- and their appetite for regulating online speech.

Reached for comment, DCMS confirmed that the bill's final day of report stage will be rescheduled to after the summer recess -- suggesting it had lost out to competing demands for remaining parliamentary time (without specifying to what). The department also made a point of reiterating that the legislation intends to deliver on the government's manifesto commitment to make the U.K. the safest place in the world to be online while defending freedom of speech. But critics of the bill continue to warn it vastly overreaches on content regulation while saddling the U.K.'s digital sector with crippling compliance costs.

Software

Ex-Google Chief's Venture Aims To Save Neglected Science Software (nature.com) 23

David Matthews writes via Nature: See whether this sounds familiar: you build a piece of software to solve a research question. But when you move on to the next project, there's no one to maintain it. As it ages, it becomes obsolete, and the next academic to tackle a similar problem finds themselves having to reinvent the wheel. [...] Now, a funding initiative hopes to help ease that burden. [...] In January, Schmidt Futures, a science and technology-focused philanthropic organization founded by former Google chief executive Eric Schmidt and his wife Wendy, launched the Virtual Institute for Scientific Software (VISS), a network of centers across four universities in the United States and the United Kingdom. Each institution will hire around five or six engineers, says Stuart Feldman, Schmidt Futures' chief scientist, with funding typically running for five years and being reviewed annually. Overall, Schmidt Futures is putting US$40 million into the project, making it among the largest philanthropic investments in this area. The aim is to overcome a culture of relative neglect in academia for open-source scientific software, Feldman says, adding that support for software engineering is "a line item, just like fuel" at organizations such as NASA. "It's only in the university research lab environment where this is ancillary," he says. [...]

Those setting up VISS centers say Schmidt Futures' steady, relatively long-term funding will help them to overcome a range of problems endemic to academic software. Research grants rarely provide for software development, and when they do, the positions they fund are seldom full-time and long-term. "If you've got all of this fractional effort, it's really hard to hire people and provide them with a real career path," says Andrew Connolly, an astronomer who is also helping to set up the Washington centre. What's more, software engineers tend to be scattered and isolated across a university. "Peer development and peer community is really important to those types of positions," says Stone. "And that would be extraordinarily rare in academia." To counter this, VISS centers hope to create cohesive, stable teams that can learn from one another. [...]

Dario Taraborelli, who helps to coordinate another privately funded scientific-software project at the Chan Zuckerberg Initiative (CZI) in California, says that such initiatives fill a key gap in the scientific-software ecosystem, because funding agencies too often fail to prioritize crucial software infrastructure. Although there are now "substantial" grants dedicated to creating software, he says, there's precious little funding available to maintain what is built. Computer scientist Alexander Szalay, who is helping to set up a VISS centre at Johns Hopkins, agrees, noting that very few programs get to a point where enough researchers use and update them to remain useful. "They don't survive this 'Valley of Death,'" he says. "The funding stops when they actually develop the software prototype."
